Amendments to the Claims:

This listing of claims will replace all prior versions, and listings, of claims in the application. No 
new matter is presented. 

1. (Currently Amended) A method of authenticating computing devices on a communications
network comprising the steps of:

receiving a first challenge from a computing device, wherein said first challenge 
comprises an encrypted first random number and a unique identifier associated with said
computing device;

obtaining a first secret cryptographic key associated with said unique identifier; 

generating a second random number, wherein the second random number is different
from the first random number;

decrypting said first random number with said first secret cryptographic key; 

encrypting said second random number with said first secret cryptographic key; and 

transmitting a second challenge to said computing device, wherein said second challenge 
comprises said encrypted said second random number. 

2. (Original) The method of claim 1, wherein said unique identifier is a serial number of a
physical token installed at said computing device. 

3. (Original) The method of claim 2, wherein said step of obtaining a first secret cryptographic 
key comprises the step of 

retrieving a pre-stored record associated with said serial number, wherein said 
record comprises said first secret cryptographic key. 

4. (Original) The method of claim 3, wherein said step of obtaining a first secret cryptographic 
key comprises the step of 

receiving a key database file comprising a number of records, wherein each 
record is associated with a unique physical token and comprises a unique secret 
cryptographic key and a unique serial number. 

5. (Original) The method of claim 4, wherein said unique secret cryptographic key is created 
from a random number generated at initialization of said token. 

6. (Original) The method of claim 1, further comprising the steps of:

decrypting said first challenge with a network receive cryptographic key; and 
encrypting said second challenge with a network send cryptographic key. 

7. (Original) The method of claim 3, wherein said step of decrypting said encrypted first 
random number results in a first value, and further comprising the step of

disallowing said computing device to communicate with other computing devices on said 
network if said first value is a null value. 

8. (Original) The method of claim 7, wherein 

allowing said computing device to communicate with other computing devices on said 
network if said first value is not a null value. 

9. (Original) The method of claim 7, further comprising the step of

decrypting said second challenge with a network receive cryptographic key. 

10. (Original) The method of claim 8, further comprising the step of 

decrypting said encrypted second random number with a second secret cryptographic 
key. 

11. (Original) The method of claim 10, wherein said second secret cryptographic key is stored 
within said physical token. 

12. (Cancelled) A method of deriving a new encryption key for a communication session 
comprising the steps of claim 1, and the step of 

transposing said first secret cryptographic key into said new encryption key, wherein said 
step of transposing comprises the steps of: 

calculating a modulus N of the first random number to obtain a result n; 

calculating a modulus N of the second random number to obtain a result m; 

equating the first bit of said new encryption key to the n-th bit of said secret 
cryptographic key; and 

equating the second bit of said new encryption key to the (n+m)th bit of said 
secret cryptographic key. 

13. (Currently Amended) A communications system comprising:

a number of computing devices, and 
at least one authentication device. 

wherein each client device or authentication device includes a removable unique tamper-
resistant physical token comprising 

a random number generator configured to generate at least one random number different
from a received random number,

a unique secret cryptographic key, and 
and a unique serial number. 

14. (Original) The system of claim 13, wherein each client device or authentication device 
further includes a wireless communications transceiver to communicate on a wireless
network. 

15. (Original) The system of claim 14, wherein said wireless network is Wi-Fi network. 

16. (Original) The system of claim 15, wherein said authentication device is an access point. 

17. (Original) The system of claim 13, wherein each tamper-resistant physical token is installed 
via a USB interface. 

18. (Original) The system of claim 16, wherein said access point includes a database file 
comprising said serial numbers and secret cryptographic keys associated with said tokens. 

19. (Currently Amended) A method of authenticating computing devices on a communications 
network comprising the steps of: 

receiving a first challenge from a computing device, wherein said first challenge 
comprises a first random number and a unique identifier associated with said computing 
device; 

obtaining a first secret cryptographic key associated with said unique identifier; 

generating a second random number, wherein the second random number is different
from the first random number;

encrypting said first random number with said first secret cryptographic key; and 

transmitting a second challenge to said computing device, wherein said second challenge 
comprises said encrypted first random number and said second random number. 

20. (Original) The method of claim 19, wherein said unique identifier is a serial number of a 
physical token installed at said computing device. 

21. (Original) The method of claim 20, wherein said step of obtaining a first secret 
cryptographic key comprises the step of 

retrieving a pre-stored record associated with said serial number, wherein said
record comprises said first secret cryptographic key. 

22. (Original) The method of claim 21, wherein said step of obtaining a first secret 
cryptographic key comprises the step of 

receiving a key database file comprising a number of records, wherein each
record is associated with a unique physical token and comprises a unique secret 
cryptographic key and a unique serial number. 

23. (Original) The method of claim 22, wherein said unique secret cryptographic key is created 
from a random number generated at initialization of said token.

24. (Original) The method of claim 19, further comprising the steps of:

decrypting said first challenge with a network receive cryptographic key; and 
encrypting said second challenge with a network send cryptographic key. 

25. (Original) The method of claim 21, further comprising the steps of:

receiving a third challenge from said computing device, wherein said third challenge
comprises said second random number encrypted with a second secret cryptographic key; 

decrypting said encrypted second random number with said first secret cryptographic 
key; and 

comparing said decrypted second random number to said second random number to 
determine if a match exists. 

26. (Original) The method of claim 25, wherein 

if a match exists between said decrypted second random number and said second random 
number, 

allowing said computing device to communicate with other computing devices on 
said network, 

otherwise if a match does not exist, 

disallowing said computing device to communicate with other computing devices 
on said network. 

27. (Original) The method of claim 25, further comprising the step of

decrypting said third challenge with a network receive cryptographic key. 



Application of Fascenda 
Attorney Docket No. 62922.000003 

28. (Original) The method of claim 25, wherein said second secret cryptographic key is stored 
within said physical token. 
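
Added example, not part of the application or any code of the applicant: the three-message exchange recited in claims 19, 25 and 26, written out in Python with both sides shown. Assumptions: random numbers are 16 bytes, the first and second secret cryptographic keys are the same symmetric key, the token checks the returned encrypted first random number, `encrypt`/`decrypt` are a stand-in HMAC-SHA256 Feistel construction because the claims name no cipher, and all class and method names are hypothetical.

```python
import hashlib, hmac, secrets
BLOCK = 16  # assumed size of each random number, in bytes

def _mix(key, i, half, other):  # other XOR F_i(half), with F built on HMAC-SHA256
    d = hmac.new(key, bytes([i]) + half, hashlib.sha256).digest()
    return bytes(x ^ y for x, y in zip(other, d))

def encrypt(key, block):  # stand-in block cipher (4-round Feistel), not a vetted algorithm
    l, r = block[:BLOCK // 2], block[BLOCK // 2:]
    for i in range(4):
        l, r = r, _mix(key, i, r, l)
    return l + r

def decrypt(key, block):
    l, r = block[:BLOCK // 2], block[BLOCK // 2:]
    for i in reversed(range(4)):
        l, r = _mix(key, i, l, r), l
    return l + r

class Token:  # device side; holds the "second secret cryptographic key"
    def __init__(self, serial, key):
        self.serial, self.key = serial, key

    def first_challenge(self):  # claim 19: first random number plus unique identifier
        self.r1 = secrets.token_bytes(BLOCK)
        return self.serial, self.r1

    def third_challenge(self, enc_r1, r2):  # claim 25: R2 encrypted with the token key
        if not hmac.compare_digest(decrypt(self.key, enc_r1), self.r1):
            return None  # assumed check: authenticator did not prove knowledge of the key
        return encrypt(self.key, r2)

class AccessPoint:  # authenticating side of claims 19, 25 and 26
    def __init__(self, key_db):
        self.key_db, self.pending = key_db, {}  # serial -> key, serial -> outstanding R2

    def second_challenge(self, serial, r1):
        key = self.key_db.get(serial)  # claim 21: pre-stored record for the serial number
        if key is None or len(r1) != BLOCK:
            return None
        while (r2 := secrets.token_bytes(BLOCK)) == r1:  # claim 19: R2 differs from R1
            pass
        self.pending[serial] = r2
        return encrypt(key, r1), r2

    def verify_third(self, serial, enc_r2):  # claims 25-26: decrypt, compare, allow or disallow
        r2 = self.pending.pop(serial, None)  # each R2 is accepted once only
        if r2 is None or len(enc_r2) != BLOCK:
            return False
        return hmac.compare_digest(decrypt(self.key_db[serial], enc_r2), r2)
```

The comparison in `verify_third` uses `hmac.compare_digest` so that the match test of claim 25 does not leak timing, and the stored second random number is discarded after one attempt so a captured third challenge cannot be replayed.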